{"id":50450738,"url":"https://github.com/imrany/vault-locker","last_synced_at":"2026-06-01T00:01:51.283Z","repository":{"id":361677243,"uuid":"1255342893","full_name":"imrany/vault-locker","owner":"imrany","description":"A secure CLI designed to encrypt and decrypt contents inside a target folder","archived":false,"fork":false,"pushed_at":"2026-05-31T19:56:57.000Z","size":8104,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-31T20:20:55.664Z","etag":null,"topics":["file-encryption","rust-lang"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/imrany.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":"imrany"}},"created_at":"2026-05-31T17:59:57.000Z","updated_at":"2026-05-31T20:16:40.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/imrany/vault-locker","commit_stats":null,"previous_names":["imrany/vault-locker"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/imrany/vault-locker","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/imrany%2Fvault-locker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/imrany%2Fvault-locker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/imrany%2Fvault-locker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/imrany%2Fvault-locker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/imrany","download_url":"https://codeload.github.com/imrany/vault-locker/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/imrany%2Fvault-locker/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33753926,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-05-31T02:00:06.040Z","response_time":95,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["file-encryption","rust-lang"],"created_at":"2026-06-01T00:01:47.429Z","updated_at":"2026-06-01T00:01:51.271Z","avatar_url":"https://github.com/imrany.png","language":"Rust","funding_links":["https://github.com/sponsors/imrany"],"categories":[],"sub_categories":[],"readme":"# Vault Locker 🔒⚡\n\n**Vault Locker** — A Command Line Interface (CLI) \u0026 Terminal User Interface (TUI) utility designed to encrypt and decrypt contents inside a target folder.\n\nBuilt on **Ratatui**, **Crossterm** and **Tokio runtime** which distributes encryption workloads across worker pools running concurrent cryptographic tasks simultaneously.\n\nFiles are transformed into scrambled byte blocks using authenticated **AES-256-GCM** encryption and brute-force resistant **Argon2** key-stretching, all while rendering live data logs, bandwidth numbers, and responsive progress metrics in real time.\n\n## 🕹️ Dashboard Experience\n\n```text\n 🛡  VAULT LOCKER  v0.5.0 ───────────────────────────────────────────────────────\n ┌── Select Folder ─────────────────────┐┌── Folder Info ──────────────────┐\n │ ▶ bashadi-agency                     ││                                 │\n │   TaskSentinel                       ││   Path    ./bashadi-agency      │\n │   boot                         🔒    ││   Files   1,420 (0 encrypted)   │\n │                                      ││   Status  🔒 Vault exists       │\n │                                      ││   Workers 8 concurrent tasks    │\n └──────────────────────────────────────┘└─────────────────────────────────┘\n ┌── Active Workers (2/8) ─────────────────────────────────────────────────┐\n │  ⚡ core_backend.rs                                                      │\n │  ⚡ index.ts                                                             │\n └─────────────────────────────────────────────────────────────────────────┘\n  ↑↓ navigate   Enter: select   Esc: quit\n```\n\n## 🚀 Engine Architecture \u0026 Performance Layout\n\nVault Locker handles file encryption using an asynchronous, event-driven pattern designed for modern multi-core architecture:\n\n### 1. Multi-Threaded Async Worker Pools\n\n* **Tokio Pipeline Architecture:** The application scans target nodes recursively using `WalkDir`. Instead of a linear loop, file items are dispatched over an asynchronous job cluster bounded by a strict allocation limit (`CONCURRENCY = 8`).\n* **Non-Blocking Channel Synchronization:** Workers pass performance telemetry up to the visual thread via an unbounded Single-Consumer Multi-Producer (`mpsc::unbounded_channel`) ring. The UI loops every `50ms` (`TICK_RATE = 50ms`), draining the event pipe to update indicators without blocking file system operations.\n\n### 2. File Obfuscation \u0026 Envelope Metadata Format\n\n* **Cryptographic Name Shuffling:** To prevent side-channel information exposure via structural path leakage, the original directory architecture is flattened. File targets inside a folder have their paths randomized using a high-entropy 16-byte hex generator.\n* **Envelope Format:** Files are encrypted with individual 12-byte initialization vectors (**Nonces**). The metadata needed to safely reconstruct the file structure later is packed directly into the binary file envelope before the encrypted ciphertext:\n\n```text\n┌──────────────────┬─────────────────────┬─────────────┬────────────────────────┐\n│ Name Len (4B LE) │   Original Filename  │ Nonce (12B) │   Encrypted Ciphertext  │\n└──────────────────┴─────────────────────┴─────────────┴────────────────────────┘\n```\n\n### 3. Permanent Directory Binding Lock\n\n* When a folder structure is locked for the first time, an immutable `.vault_lock` state signature is written directly into its root path containing a calculated Argon2 hash string.\n* Any consecutive manipulation attempts verify the password against this block using strict validation rules. **The password cannot be modified or updated**, preventing malicious tampering.\n\n### 4. Smart Configuration Space\n\nThe system automatically senses its environment to resolve its operational layout using a cascading configuration lookup path:\n\n* **Development Mode:** Checks for a local `.vault_config` file directly in the current executing path context.\n* **Production Sandbox Fallback:** If absent, it safely shifts to system standard layout nodes (e.g., `~/.config/vault_locker/.vault_config`), building nested parent nodes cleanly without throwing environment faults.\n\n\n## 🛠️ Local Engine Compilation \u0026 Development Build\n\nIf you are expanding the TUI dashboard layout configuration or rewriting target core crypto blocks, build your dependencies completely from the workspace source block. Ensure you have the latest stable Rust toolchain configured on your machine (`Ubuntu 22.04 LTS` or higher recommended).\n\n1. Move directly into your current workspace folder:\n\n```bash\ncd vault_locker\n```\n\n2. Instruct `cargo` to run profile optimizations, layout flattening, and dead-code stripping during compilation:\n\n```bash\ncargo build --release\n```\n\nThe high-performance compiled binary will generate inside `./target/release/vault`.\n\n### Running the interactive TUI Dashboard\n\nLaunch your local engine dashboard layout frame in fullscreen mode with an active directory layout scanning mechanism:\n\n```bash\ncargo run --release\n```\n\n### Headless CLI Engine Routing (Automated Environments)\n\nIf argument patterns are directly fed, the engine skips the alternate screen initialization sequence entirely and pipes progress tracking cleanly to standard output streams.\n\n* **Encrypting a Target Folder:**\n\n```bash\ncargo run -- encrypt /path/to/target --password YourSecretPassphrase123\n```\n\n* **Decrypting a Target Folder:**\n\n```bash\ncargo run -- decrypt /path/to/target --password YourSecretPassphrase123\n```\n\n## ⚡ Quick Production Installation\n\nFor modern standard Linux environments (`Ubuntu / Debian / Mint`), use our high-speed, authenticated delivery channels to get up and running instantly.\n\n### 1. Automated Script Installation (Recommended)\n\nExecute this command in your local machine terminal to query GitHub API asset metadata, pull the latest compiled binary archive automatically, map it into local target binaries, and link global desktop system references:\n\n```bash\ncurl -fsSL https://raw.githubusercontent.com/imrany/vault-locker/refs/heads/main/scripts/install.sh | bash\n```\n\n### 2. Manual Package Installation Flow\n\nIf you prefer running sandboxed manual packages, fetch the target elements manually from the GitHub Release Registry page:\n\n#### Option A: Native Debian Package Platform (`.deb`)\n\n```bash\n# Fetch the compiled package distribution binary map\nwget https://github.com/imrany/vault-locker/releases/latest/download/vault-v0.5.0-linux-x86_64.deb\n\n# Install package through standard packaging engines\nsudo apt install ./vault-v0.5.0-linux-x86_64.deb\n```\n\n#### Option B: Standalone Compressed Tarball (`.tar.gz`)\n\n```bash\n# Download the high-speed static production container binary layout\nwget https://github.com/imrany/vault-locker/releases/latest/download/vault-linux-v0.5.0.tar.gz\n\n# Extract context elements and bind execute privileges to your local binaries path\ntar -xzvf vault-linux-v0.5.0.tar.gz\nsudo mv vault /usr/local/bin/vault\n```\n\n## 🧹 Clean Uninstallation\n\nIf you need to completely remove Vault Locker, its desktop metadata layers, and system-wide configurations, run the one-liner script below or use the manual package manager commands:\n\n### One-Liner Uninstallation Script\n\n```bash\ncurl -fsSL https://raw.githubusercontent.com/imrany/vault-locker/refs/heads/main/scripts/install.sh | bash -s -- uninstall\n```\n\n### Manual Package Clean-up Commands\n\n* If installed via `.deb` package manager:\n\n```bash\nsudo apt remove --purge vault\n```\n\n* If installed via binary tarball layout:\n\n```bash\nsudo rm -f /usr/local/bin/vault\nsudo rm -f /usr/share/applications/vault.desktop\nsudo rm -f ~/.config/vault_locker/.vault_config\n```\n\n\n## 🕵️‍♂️ TARGET CHALLENGE: Operation Boot Sector!\n\nAre your cryptographic credentials working correctly? Let's verify the operational capacity of your build with a data restoration exercise.\n\nSee [Challenge](https://www.google.com/search?q=./boot/challenge.md)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fimrany%2Fvault-locker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fimrany%2Fvault-locker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fimrany%2Fvault-locker/lists"}